Our mission is smarter security.
About Datassurant

Founder and CEO Michael La Barge experienced the cookie cutter and impersonal approach of top cyber security organizations in the early 2000s. It seemed unacceptable to continually leave clients in a bind due to not taking the time to understand their security posture or being too rigid with compliance standards when other low or no cost options were available. Going the extra mile and tackling complex problems in an efficient and flexible manner were second nature to him. Forming Datassurant and filling this need was the next logical step with Michael’s extensive military, information security, and business background.

Datassurant is a full-service information security and compliance consulting firm specializing in performing compliance audits, computer security assessments, and penetration testing. Datassurant provides Security Management Program (SMP) and Managed Security Service Provider (MSSP) services through its AERGAP division delivered by highly skilled security experts that act as an extension of your own security team from detection to response and remediation.

Michael attended the first Qualified Security Assessor (QSA) class offered by the Payment Card Industry Security Standards Council (PCI SSC) at the VISA headquarters in Foster City, California. Fast forward to today, Datassurant is authorized and certified by the PCI SSC as a Qualified Security Assessor (QSA), Payment Card Industry 3-D Secure (PCI 3DS), and Payment Application Qualified Security Assessor (PA-QSA) company in the United States and Canada.

We are flexible.

Other information security companies can be rigid in meeting compliance standards. It’s easier to automate services and force a client to meet the standard rather than helping a client find low cost or no cost options. That time introduces complexities that other companies simply don’t want to do. We aim to understand your business keeping proper security and compliance in mind, finding the most flexible approach, and avoiding costly investment of new technology for a client to meet a standard.

We are responsive.

Your time is important. We pride ourselves on our responsiveness and resolutions to your security and compliance matters with consistent and continual communication.  Our focus is on establishing long-term customer relationships and continuing to earn your trust.

We are cost effective.

Our contracts have no hidden surprises. Our operations are lean and we pass the savings on to you without compromising quality or customer service.

Methodology

Our methodology focuses first on business; making sure the data connections, people, networks and information your business trusts are in fact secure. We believe information security should be a catalyst to business success; a supporting foundation for all other business functions. We concentrate on enabling our clients to use the most up to date policies, procedures and technologies in ways that enhance, not complicate, existing business methods or processes.

Accreditations

Datassurant Inc. is a leading information security, compliance, and managed security services firm headquartered in Toronto and Washington, D.C. Datassurant has a solid foundation of over 20 years of financial, business and information security expertise in commercial and government business. Datassurant employees hold certifications like Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Qualified Security Assessor (QSA), Payment Application Qualified Security Assessor (PA-QSA), and PCI 3DS Assessor.

Datassurant is authorized and certified by the PCI SSC as a Qualified Security Assessor (QSA), Payment Card Industry 3-D Secure (PCI 3DS), and Payment Application Qualified Security Assessor (PA-QSA) company in the United States and Canada. Datassurant is a trusted partner for the rapidly changing security needs of the networked and e-commerce world.

To learn about our services, please contact us.

PCI DSS

We make it easy to validate PCI DSS compliance and minimize your risks.

PCI DSS can sometimes be time consuming and complex, especially when you are busy running a business. Our PCI compliance offerings and programs are straightforward and customizable. PCI compliance requires adherence to a set of guidelines instituted by the Payment Card Industry, ensuring that ecommerce sites follow data security standards (DSS). PCI compliance can make or break your credit card payment operations and potentially your entire business. We are here to help you navigate through the entire process.

PA-DSS

Secure payment applications are not just in demand, they are mandatory.

Software vendors who develop payment application and point-of-sale (POS) systems can turn to Datassurant, a long-time leader in information security and compliance services; and provider of payment application gap-analysis, payment application testing, code review, implementation guide assistance and several other key PA-DSS related services.

3DS

We are certified to assess your environment using the PCI 3DS Core Security Standard.

Datassurant has successfully met all PCI Security Standards Council requirements to perform 3DS assessments. These requirements cover security assessment procedures for EMV® 3-D Secure Core Components. The 3DS standard is mandatory for organizations that use these components, which include Access Core Server (ACS), Directory Server (DS), and 3DS Server. These measures have been established to protect 3DS transactions. Datassurant can help you meet these standards.

EI3PA

Datassurant has customized services to fit your needs.

Datassurant is certified to help businesses meet the Experian Independent 3rd Party Assessment (EI3PA) standard. To prove compliance, businesses must go through an audit process with a certified PCI QSA company. Datassurant can help guide you through all of the requirements you must meet to be considered compliant. We can customize our programs to ensure you only receive the services that you need.

Scanning and Testing

Are you at risk? Datassurant can help.

We will help you understand the risks in your current site structure. Some of our processes include dynamic port scanning, port-level network services detection, vulnerability testing, and web application vulnerability testing. We will let you know exactly what you need to do to improve. You can feel confident that your customers are protected.

Cloud Cybersecurity Solutions

Datassurant has the solutions you need to build and maintain a successful cloud security program.

Our team of security experts will help you navigate the cloud security risks and protect you from the security threats to your business. We provide recommendations based on industry standards and best practices to protect your data in the cloud. Datassurant can protect your business, giving you peace of mind to focus on growing your business.